diff options
Diffstat (limited to 'exampleSite/config.toml')
-rw-r--r-- | exampleSite/config.toml | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/exampleSite/config.toml b/exampleSite/config.toml index dcc4195..07f9608 100644 --- a/exampleSite/config.toml +++ b/exampleSite/config.toml @@ -74,28 +74,28 @@ customJS = [] # connectionString = "connectionString" # If you want to implement a Content-Security-Policy, add this section -[params.csp] -childsrc = ["'self'"] -fontsrc = ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net/"] -formaction = ["'self'"] -framesrc = ["'self'"] -imgsrc = ["'self'"] -objectsrc = ["'none'"] -stylesrc = [ - "'self'", - "'unsafe-inline'", - "https://fonts.googleapis.com/", - "https://cdn.jsdelivr.net/" -] -scriptsrc = [ - "'self'", - "'unsafe-inline'", - "https://www.google-analytics.com", - "https://cdn.jsdelivr.net/" -] -prefetchsrc = ["'self'"] -# connect-src directive – defines valid targets for to XMLHttpRequest (AJAX), WebSockets or EventSource -connectsrc = ["'self'", "https://www.google-analytics.com"] +# [params.csp] +# childsrc = ["'self'"] +# fontsrc = ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net/"] +# formaction = ["'self'"] +# framesrc = ["'self'", "https://www.youtube.com"] +# imgsrc = ["'self'"] +# objectsrc = ["'none'"] +# stylesrc = [ +# "'self'", +# "'unsafe-inline'", +# "https://fonts.googleapis.com/", +# "https://cdn.jsdelivr.net/", +# ] +# scriptsrc = [ +# "'self'", +# "'unsafe-inline'", +# "https://www.google-analytics.com", +# "https://cdn.jsdelivr.net/", +# ] +# prefetchsrc = ["'self'"] +# # connect-src directive – defines valid targets for to XMLHttpRequest (AJAX), WebSockets or EventSource +# connectsrc = ["'self'", "https://www.google-analytics.com"] [taxonomies] category = "categories" |